CVE-2022-31012 is a vulnerability identified in Git for Windows, a Windows-specific fork of the widely used Git version control system. The issue is classified under CWE-426, which pertains to untrusted search path vulnerabilities. Specifically, in versions of Git for Windows prior to 2.37.1, the installer erroneously executes a binary located at `C:\mingw64\bin\git.exe` during a fresh installation process. This behavior arises because the installer does not securely validate the search path for executables, allowing an attacker to place a malicious binary in the `C:\mingw64\bin` directory. When the installer runs, it may inadvertently execute this malicious binary instead of the legitimate Git executable. Notably, this vulnerability only manifests during fresh installations and does not affect upgrade procedures. The root cause is the untrusted search path that the installer uses to locate executables, which can be exploited if an attacker has the ability to create or modify files in the `C:\mingw64` directory or its parent `C:\` directory. The vendor addressed this vulnerability in version 2.37.1 by patching the installer to prevent execution of untrusted binaries. Two practical workarounds exist: first, creating the `C:\mingw64` folder and removing read/write permissions for unauthorized users to prevent malicious binary placement; second, restricting folder creation rights in the root `C:\` directory to trusted users only. There are no known exploits in the wild reported to date, and the vulnerability requires local access with the ability to write to specific directories on the system. This vulnerability does not require user interaction beyond running the installer and is limited in scope to fresh installations of affected Git for Windows versions prior to 2.37.1.

For European organizations, the impact of this vulnerability is primarily on the integrity and availability of systems where Git for Windows is freshly installed. An attacker with local access or the ability to influence the file system on a target machine could execute arbitrary code with the privileges of the installer process, potentially leading to system compromise, unauthorized code execution, or persistence mechanisms. This could undermine the integrity of software development environments, continuous integration/continuous deployment (CI/CD) pipelines, and other workflows relying on Git for Windows. However, since the vulnerability only affects fresh installations and not upgrades, the window of exposure is limited. Confidentiality impact is moderate since arbitrary code execution could lead to data exfiltration if exploited. Availability could also be affected if malicious code disrupts Git operations or the host system. The lack of known exploits reduces immediate risk, but organizations deploying Git for Windows in development or production environments should remain vigilant. The vulnerability is less likely to be exploited remotely, limiting its impact to insider threats or attackers with some level of system access. Overall, the threat poses a medium risk to European organizations, especially those with active software development teams using Git for Windows and where endpoint security controls are insufficient to prevent unauthorized file system modifications.

European organizations should prioritize upgrading Git for Windows installations to version 2.37.1 or later, where the vulnerability is patched. For environments where immediate upgrade is not feasible, implement the following mitigations: 1) Pre-create the `C:\mingw64` directory on target systems and restrict its permissions to prevent unauthorized users from writing or modifying files within it. This can be enforced via Group Policy Objects (GPO) in Active Directory environments or endpoint management solutions. 2) Restrict the ability of non-administrative users to create folders or files directly in the root `C:\` directory, limiting the attack surface for placing malicious binaries. 3) Employ endpoint detection and response (EDR) tools to monitor for suspicious file creation or execution events in the `C:\mingw64\bin` path. 4) Educate IT and development teams to avoid installing Git for Windows from untrusted sources and to verify installer integrity. 5) Integrate installation processes into automated, controlled deployment pipelines that enforce security policies and prevent unauthorized file system changes. 6) Regularly audit installed software versions and patch levels across endpoints to ensure compliance with security standards. These targeted mitigations go beyond generic advice by focusing on filesystem permissions and installation process controls specific to this vulnerability.